如何将Boto与织物结合 [英] How to combine boto with fabric

问题描述

我要提一下.我使用Windows.

I need to mention. I use Windows.

现在我知道如何使用boto.但是我遇到了无法基于boto运行"sudo"的问题.

Now I know how to use boto. But I faced the problem that I can't run "sudo" based on boto.

status, stdout, stderr = ssh_client.run('sudo python killerparser.py')

错误是 sudo:抱歉，您必须有一个tty才能运行sudo

然后我尝试运行它.

status, stdout, stderr = ssh_client.run('ssh -t localhost sudo python killerparser.py')

但是现在错误变为'因为stdin不是终端，伪终端将不会被分配.\ r \ n主机密钥验证失败.'

我不想更改不安全的用户数据.因此，提出了使用织物的想法.但是如何定义主机和密钥路径?我认为结构不是基于对象的，这确实令人沮丧. 我所有的代码:

I don't want to change user-data which is unsafe. So It comes up to the idea to use fabric. But how to define the host and key path? I think fabric is not object based which is really frustrating. My all code:

import boto.ec2
from boto.manage.cmdshell import sshclient_from_instance
from  fabric.api import env, run, cd, settings, sudo,hosts;

env.host = 'ec2-user@#.#.#.#'
env.user = "ec2-user"
env.key_filename = "D:\key.pem"
conn = boto.ec2.connect_to_region('us-east-1',aws_access_key_id="***",aws_secret_access_key="*")
instance = conn.get_all_instances(['***'])[0].instances[0]
ssh_client = sshclient_from_instance(instance,
                                     ssh_key_file='**',
                                     user_name='ec2-user')
sudo("cd ~");
sudo("python killerparser.py");

现在没有错误.但它无法执行外壳程序

Now there is no error. But it can't execute the shell

killerparser.py

The killerparser.py

import subprocess, signal,os;

for line in os.popen("ps ax | grep -i newLive.py"):
        if "grep" in line: continue;
        fields = line.split()
        pid = fields[0]
        os.kill(int(pid), signal.SIGKILL)
proc = subprocess.Popen('sudo python newLive.py 2>newLive.err', shell=True,
             stdin=None, stdout=None, stderr=None, close_fds=True)

推荐答案

我不同意您正在做的两件事.一个:sudo python...否.使它作为www-data或等效数据运行.另外，请使用supervisord而不是您当前正在执行的操作.

I disagree with two things you're doing. One: sudo python... No. Make that run as www-data or equivalent. Also, use supervisord and not what you're currently doing.

您是否在Windows上都没关系..您是在告诉我这对您不起作用吗?

Shouldn't matter if you're on windows or not.. You're telling me this doesn't work for you?

fabfile.py:

fabfile.py:

import boto.ec2
from fabric.api import env, run, sudo, task

env.key_filename = "/PATH/TO/SSH/FILE.pem"
env.user = "ubuntu"

@task
def amazon(**kwargs):
    conn = boto.ec2.connect_to_region(
        'us-east-1',
        aws_access_key_id="*********",
        aws_secret_access_key="**************"
    )

    hosts = []
    for reservation in conn.get_all_instances():
        for instance in reservation.instances:
            # if filters were applied
            if kwargs:
                skip_instance = False
                for key, value in kwargs.items():
                    instance_value = getattr(instance, key)

                    # makes sure that `group` is handeled
                    if isinstance(instance_value, list):
                        new_value = []
                        for item in instance_value:
                            if isinstance(item, boto.ec2.group.Group):
                                new_value.append(item.name)
                            else:
                                new_value.append(item)
                        instance_value = new_value

                        if value not in instance_value:
                            skip_instance = True
                            break
                    else:
                        # every other single value gets handeled here
                        if instance_value != value:
                            skip_instance = True
                            break

                if skip_instance:
                    continue

            if instance.dns_name:
                hosts.append(instance.dns_name)
            elif instance.ip_address:
                hosts.append(instance.ip_address)

    env.hosts = hosts


@task
def whoami():
    run('whoami')
    sudo('whoami')

我为您添加了过滤器，以防万一，您可以按以下方式运行它:

I added filters for you, just in case, you can run it as:

fab amazon whoami-它将遍历亚马逊中的每台服务器，并连接并运行whoami命令.

fab amazon whoami -- it will go through every single server in amazon and connect and run whoami commands.

fab amazon:ip_address=<IP OF AN INSTANCE YOU KNOW OF> whoami-仅使用在过滤器上ip匹配的框. (它应适用于boto instance中的每个字段)

fab amazon:ip_address=<IP OF AN INSTANCE YOU KNOW OF> whoami -- will only use the box whos ip matched on the filter. (It should work for every field in the instance in boto)

那只是个头，groups是我"会使用的一个:

that one is just a gimmick, groups is the one "I" would use:

fab amazon:groups=<GROUP NAME FROM AMAZON> whoami-将在与所述组名匹配的所有服务器上运行whoami.

fab amazon:groups=<GROUP NAME FROM AMAZON> whoami -- will run whoami on all servers that matched said group name.

证明:

$ fab amazon:dns_name=******* whoami
[*******] Executing task 'whoami'
[*******] run: whoami
[*******] out: ubuntu
[*******] out: 

[*******] sudo: whoami
[*******] out: root
[*******] out: 


Done.
Disconnecting from *******... done.

和

$ fab amazon:groups=webservers whoami
[***1***] Executing task 'whoami'
[***1***] run: whoami
[***1***] out: ubuntu
[***1***] out: 

[***1***] sudo: whoami
[***1***] out: root
[***1***] out: 

... truncated...

[***4***] Executing task 'whoami'
[***4***] run: whoami
[***4***] out: ubuntu
[***4***] out: 

[***4***] sudo: whoami
[***4***] out: root
[***4***] out: 


Done.
Disconnecting from ***1***... done.
Disconnecting from ***2***... done.
Disconnecting from ***3***... done.
Disconnecting from ***4***... done.
Disconnecting from ***5***... done.
Disconnecting from ***6***... done.
Disconnecting from ***7***... done.

这篇关于如何将Boto与织物结合的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！